Skip to main content

AuthPort

stygian_graph::ports::auth

Trait AuthPort 

Source 
pub trait AuthPort: Send + Sync {
    // Required methods
    fn load_token(
        &self,
    ) -> impl Future<Output = Result<Option<TokenSet>, AuthError>> + Send;
    fn refresh_token(
        &self,
    ) -> impl Future<Output = Result<TokenSet, AuthError>> + Send;
}
Expand description

Port for runtime credential management.

Implement this trait to supply live tokens to pipeline execution. stygian-browser’s encrypted disk token store is the primary reference implementation, but in-memory and environment-variable backed variants are also common.

The trait uses native async fn in traits (Rust 2024 edition) so it is not object-safe. Use Arc<impl AuthPort> or generics rather than Arc<dyn AuthPort>.

§Example implementation (in-memory)

use stygian_graph::ports::auth::{AuthPort, AuthError, TokenSet};

struct StaticTokenAuth { token: String }

impl AuthPort for StaticTokenAuth {
    async fn load_token(&self) -> std::result::Result<Option<TokenSet>, AuthError> {
        Ok(Some(TokenSet {
            access_token: self.token.clone(),
            refresh_token: None,
            expires_at: None,
            scopes: vec![],
        }))
    }
    async fn refresh_token(&self) -> std::result::Result<TokenSet, AuthError> {
        Err(AuthError::TokenNotFound)
    }
}

Required Methods§

Source

fn load_token( &self, ) -> impl Future<Output = Result<Option<TokenSet>, AuthError>> + Send

Load the current token from the backing store.

Returns Ok(None) if no token has been stored yet.

§Errors

Returns AuthError::StorageFailed if the backing store is unavailable.

Source

fn refresh_token( &self, ) -> impl Future<Output = Result<TokenSet, AuthError>> + Send

Obtain a fresh token by exchanging the stored refresh token with the authorization server, then persist it.

Implementations should persist the refreshed token before returning so that concurrent callers get a consistent view.

§Errors

Returns AuthError::RefreshFailed when the token endpoint rejects the request, or AuthError::TokenNotFound when no refresh token is available.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementors§